Tidewater Community College (Tidewater) has announced that the personal information, including names and Social Security numbers of 3,193 current and former faculty and staff members was compromised in a phishing scheme and the information has been used to file fraudulent tax returns.

The hacker impersonated a Tidewater employee and asked another Tidewater employee to send 2015 W-2 data of employees. The duped employee did so, exposing the names, Social Security numbers and wage information of 3,193 employees.

According to Tidewater, over 100 of their employees have been unable to file tax returns as a return has already been filed by fraudsters. When Tidewater found out about the high number of employees suffering from tax refund fraud, it detected the exposure. Tidewater is offering its current and former employees credit monitoring and is training employees on cybersecurity.